How a malicious help file can install a spyware keylogger

Jack

Sophos said:
Do you think that Windows help file is safe? Think again.

Malware authors can create boobytrapped .HLP files, designed to infect your computer.

Take, for instance, the strange .HLP file which was sent to SophosLabs by some of our customers at the end of August.

The file, Amministrazione.hlp ("Amministrazione" is Italian for "Administration"), was an example of how cybercriminals can use social engineering to trick unsuspecting users into infecting their computers.

If opened, the help file displays an error message:

[Image: hlp-error.jpg]

In the background, however, a file called Windows Security Center.exe is being dropped onto the computer, which in turn creates a file called RECYCLER.DLL.

Read more: http://nakedsecurity.sophos.com/2012/09/10/keylogger-help-file/
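
The drop chain described in the quoted Sophos article (help file opened, Windows Security Center.exe written, which in turn creates RECYCLER.DLL) can be hunted for in file-creation telemetry. The sketch below is an added example, not part of the original post or of Sophos's analysis; it assumes the .HLP file is rendered by winhlp32.exe, and every path, PID and event record in it is constructed.

```python
import ntpath

# Assumption: WinHelp (.hlp) files are rendered by winhlp32.exe on Windows.
HELP_VIEWERS = {"winhlp32.exe"}
EXECUTABLE_EXTS = {".exe", ".dll", ".scr", ".sys"}

# Constructed file-creation events (shaped like Sysmon Event ID 11 fields).
# The file names come from the article; all paths and PIDs are made up.
TEMP = r"C:\Users\a\AppData\Local\Temp"
SAMPLE_EVENTS = [
    {"pid": 4120, "image": r"C:\Windows\winhlp32.exe",
     "target": TEMP + r"\~wh01.tmp"},
    {"pid": 4120, "image": r"C:\Windows\winhlp32.exe",
     "target": TEMP + r"\Windows Security Center.exe"},
    {"pid": 5312, "image": TEMP + r"\Windows Security Center.exe",
     "target": TEMP + r"\RECYCLER.DLL"},
    {"pid": 2200, "image": r"C:\Windows\System32\msiexec.exe",
     "target": r"C:\Program Files\App\app.dll"},
]


def _norm(path):
    """Case-fold and normalise a Windows path so comparisons are reliable."""
    return ntpath.normcase(ntpath.normpath(path))


def find_help_file_drops(events):
    """Return (rule, writer, target) tuples for executables written by a help
    viewer, and for executables written by a binary that a help viewer dropped."""
    tainted = set()  # normalised paths of binaries traced back to a help viewer
    alerts = []
    for ev in events:
        writer, target = _norm(ev["image"]), _norm(ev["target"])
        if ntpath.splitext(target)[1] not in EXECUTABLE_EXTS:
            continue  # only executable content is interesting here
        if ntpath.basename(writer) in HELP_VIEWERS:
            rule = "help-viewer-wrote-executable"
        elif writer in tainted:
            rule = "dropped-binary-wrote-executable"
        else:
            continue
        tainted.add(target)
        alerts.append((rule, ev["image"], ev["target"]))
    return alerts
```

A help viewer has no ordinary reason to write executable files, so the first rule alone is a useful alert; the second follows the chain one step further to the DLL.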
 
Windows XP "help" is a joke, so I removed it long ago when something came along called "GOOGLE". LOL
I have found that Microsoft likes to dance around, or put you on a rabbit trail, when asked a straightforward question.